cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DEEP AUDIT UPDATE: Found hidden cPanel API dependencies

Browse Source 
CRITICAL NEW FINDINGS:

1. WordPress Cron Manager - CATASTROPHIC
   - 33 references to /var/cpanel/userdata
   - 9 references to public_html
   - Completely relies on cPanel userdata for domain→user lookups
   - Will be 100% broken on InterWorx without major refactor

2. cPanel API Dependencies - SILENT FAILURES
   - whmapi1/uapi calls found in 3 modules
   - These commands DON'T EXIST on InterWorx!
   - Will fail silently without proper error handling

   Affected modules:
   - live-attack-monitor.sh: whmapi1 cphulkd_list_blocks/add_whitelist
   - enable-cphulk.sh: Multiple whmapi1 calls
   - system-health-check.sh: whmapi1 in help messages

3. 500-error-tracker.sh - PHP Handler Issues
   - Reads php_admin_value from /var/cpanel/userdata
   - InterWorx uses different PHP configuration method

UPDATED TOTALS:
- Was: 14 modules need fixes
- Now: 16 modules need fixes
- 3 with critical API dependencies
- 1 requires complete refactor (wordpress-cron-manager)

SOLUTION DOCUMENTED:
- Wrap ALL whmapi1/uapi calls in SYS_CONTROL_PANEL checks
- InterWorx has ModSecurity + fail2ban (no CPHulk equivalent)
- Must fail gracefully with warnings

UPDATED IMPLEMENTATION PLAN:
- Phase 3: Security modules + API wrapping
- Phase 4: WordPress + website diagnostics (MAJOR REFACTOR)
- Phase 5: Monitoring tools
- Phase 6: System health conditional checks

This audit is now COMPLETE and accurate.
This commit is contained in:
cschantz
2025-11-19 19:45:07 -05:00
parent f513e5503d
commit f522ba80b7
1 changed files with 72 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
INTERWORX_COMPATIBILITY_AUDIT.md
+72 -14
View File
@@ -4,13 +4,23 @@
## Executive Summary ## Executive Summary
Out of **38 total modules**, **14 modules** have hardcoded cPanel-specific paths that will break on InterWorx servers. Out of **38 total modules**, **16 modules** have cPanel-specific dependencies that will break on InterWorx servers.
### Compatibility Status: ### Compatibility Status:
-**3 modules** - Already InterWorx compatible (using SYS_LOG_DIR) -**3 modules** - Already InterWorx compatible (using SYS_LOG_DIR)
- ⚠️ **14 modules** - Need InterWorx fixes (hardcoded paths) - ⚠️ **16 modules** - Need InterWorx fixes (hardcoded paths + API calls)
-**21 modules** - Control panel agnostic (no paths) -**19 modules** - Control panel agnostic (no paths)
### CRITICAL NEW FINDINGS (Deep Audit):
**whmapi1/uapi API Dependencies Found:**
- These cPanel APIs will FAIL silently on InterWorx!
- Found in: live-attack-monitor.sh, enable-cphulk.sh, system-health-check.sh
**WordPress Module Crisis:**
- wordpress-cron-manager.sh: 33 userdata references, 9 public_html references
- Completely broken on InterWorx without major refactor
--- ---
@@ -32,20 +42,23 @@ Out of **38 total modules**, **14 modules** have hardcoded cPanel-specific paths
### PRIORITY 1: Critical Security Modules ### PRIORITY 1: Critical Security Modules
#### 1. **live-attack-monitor.sh** ⚠️ HIGH PRIORITY #### 1. **live-attack-monitor.sh** ⚠️ CRITICAL PRIORITY
**Issues:** **Issues:**
- Line 1256: `LOG_DIR="${SYS_LOG_DIR:-/var/log/apache2/domlogs}"` - Line 1256: `LOG_DIR="${SYS_LOG_DIR:-/var/log/apache2/domlogs}"`
- Line 1261-1262: Hardcoded `/var/log/httpd/access_log` - Line 1261-1262: Hardcoded `/var/log/httpd/access_log`
- Line 1267: Comment mentions "cPanel domlogs" - Line 1267: Comment mentions "cPanel domlogs"
- Line 1537: CPHulk detection (cPanel-only feature) - Line 1537: CPHulk detection (cPanel-only feature)
- **NEW:** Uses `whmapi1 cphulkd_list_blocks` - cPanel API call!
- **NEW:** Uses `whmapi1 cphulkd_add_whitelist` - cPanel API call!
**Fix Required:** **Fix Required:**
- Already uses `SYS_LOG_DIR` (GOOD!) - Already uses `SYS_LOG_DIR` (GOOD!)
- But fallback is wrong - should use system-detect.sh - But fallback is wrong - should use system-detect.sh
- Add InterWorx log discovery like bot-analyzer - Add InterWorx log discovery like bot-analyzer
- CPHulk detection should be cPanel-only conditional - Wrap ALL whmapi1 calls in `if [ "$SYS_CONTROL_PANEL" = "cpanel" ]`
- CPHulk features should be cPanel-only conditional
**Impact:** Real-time attack monitoring won't see attacks on InterWorx **Impact:** Real-time attack monitoring won't see attacks on InterWorx + API calls will fail
--- ---
@@ -122,9 +135,28 @@ Out of **38 total modules**, **14 modules** have hardcoded cPanel-specific paths
--- ---
#### 6. **wordpress-cron-manager.sh** ⚠️ CRITICAL PRIORITY
**Issues:**
- **33 references to `/var/cpanel/userdata`** - HEAVY dependency!
- **9 references to `public_html`** - Wrong document root
- Domain→user lookup completely relies on userdata files
- Checks userdata for servername, main_domain, etc.
- WordPress detection searches in `/home/*/public_html`
**Fix Required:**
- Complete refactor required!
- Replace ALL userdata reads with `get_user_info()` and `get_user_domains()`
- Support InterWorx document roots: `/home/user/domain.com/html`
- WordPress detection must search both public_html AND domain.com/html
- Domain→user mapping must use user-manager.sh functions
**Impact:** WordPress cron management completely broken on InterWorx
---
### PRIORITY 3: Live Monitoring Tools ### PRIORITY 3: Live Monitoring Tools
#### 6. **web-traffic-monitor.sh** ⚠️ MEDIUM PRIORITY #### 7. **web-traffic-monitor.sh** ⚠️ MEDIUM PRIORITY
**Issues:** **Issues:**
- Line 12-13: Hardcoded `/var/log/apache2/domlogs` - Line 12-13: Hardcoded `/var/log/apache2/domlogs`
- Line 32: Error message mentions "domlogs" - Line 32: Error message mentions "domlogs"
@@ -247,14 +279,15 @@ These modules don't use control panel-specific paths (21 total):
## Recommended Implementation Plan ## Recommended Implementation Plan
### Phase 3: Critical Security Modules (THIS PHASE) ### Phase 3: Critical Security Modules (NEXT)
1. **malware-scanner.sh** - Fix document root discovery 1. **malware-scanner.sh** - Fix document root discovery + cPanel path assumptions
2. **live-attack-monitor.sh** - Fix log discovery 2. **live-attack-monitor.sh** - Fix log discovery + wrap whmapi1 calls
3. **optimize-ct-limit.sh** - Remove hardcoded fallback 3. **optimize-ct-limit.sh** - Remove hardcoded fallback
### Phase 4: Website Diagnostic Modules ### Phase 4: Critical Website Modules
1. **website-error-analyzer.sh** - Full InterWorx support 1. **wordpress-cron-manager.sh** - MAJOR REFACTOR (33 userdata refs, 9 public_html refs)
2. **500-error-tracker.sh** - Full InterWorx support 2. **website-error-analyzer.sh** - Full InterWorx support
3. **500-error-tracker.sh** - Full InterWorx support + PHP handler detection
### Phase 5: Monitoring Tools ### Phase 5: Monitoring Tools
1. **web-traffic-monitor.sh** 1. **web-traffic-monitor.sh**
@@ -263,7 +296,32 @@ These modules don't use control panel-specific paths (21 total):
4. **tail-apache-error.sh** 4. **tail-apache-error.sh**
### Phase 6: System Tools ### Phase 6: System Tools
1. **system-health-check.sh** - Make cPanel checks conditional 1. **system-health-check.sh** - Make cPanel checks conditional + wrap whmapi1 references
---
## cPanel API Compatibility Issue
### The Problem:
Several modules use cPanel's whmapi1/uapi commands that **do not exist on InterWorx**.
### Affected Modules:
1. **live-attack-monitor.sh** - `whmapi1 cphulkd_list_blocks`, `whmapi1 cphulkd_add_whitelist`
2. **enable-cphulk.sh** - Multiple whmapi1 calls (cPanel-only module, expected)
3. **system-health-check.sh** - whmapi1 references in help messages
### Solution:
Wrap ALL API calls in control panel detection:
```bash
if [ "$SYS_CONTROL_PANEL" = "cpanel" ]; then
whmapi1 cphulkd_list_blocks
fi
```
### InterWorx Alternatives:
- CPHulk equivalent: InterWorx has ModSecurity + fail2ban (different approach)
- No direct API equivalent for CPHulk features
- Should detect and skip gracefully with warning
--- ---